Overview
This article describes how to execute scripts outside of your cgi-bin using a .htaccess file.
You will be able to execute CGI scripts outside of your cgi-bin. Enabling this in a web-accessible directory is slightly more insecure than limiting script execution to the cgi-bin, because if a malicious script is ever uploaded to your server, it will be more easily able to be executed.
Requirements
Before you start, you'll need:
- FTP login credentials and a plain text editor or SSH enabled and vi knowledge.
- You must have SSH access set up for root or a sudo user.
READ ME FIRST
This article is provided as a courtesy. Installing, configuring, and troubleshooting third-party applications is outside the scope of support provided by (mt) Media Temple. Please take a moment to review the Statement of Support.
READ ME FIRST
This article is provided as a courtesy. Installing, configuring, and troubleshooting third-party applications is outside the scope of support provided by (mt) Media Temple. Please take a moment to review the Statement of Support.
Instructions
Add the following lines to your .htaccess.htaccess file:
Filename: .htaccess
AddHandler cgi-script .cgi .pl
Options +ExecCGIThen, upload the .htaccess file to the directory in which you want to enable CGI script execution, via FTPFTP. For more information on creating and uploading .htaccess files, please see: Using .htaccess filesUsing .htaccess files.
NOTE:
You can add any file extension to the AddHandler line in your .htaccess file. The example is for CGI and Perl scripts.
If you are using this directive in your existing cgi-bin directory, the above line alone will also work.
Enable server-wide execution
You can enable server-wide processing of cgi scripts. Note that this will make your server more vulnerable if you get hacked. To do this, uncomment the cgi-script AddHandler directive in the main Apache configuration file, /etc/httpd/conf/httpd.conf.
- Connect to your server as root or a sudo user via SSH.
- Open the
httpd.conffile for editing:vi /etc/httpd/conf/httpd.confvi tip:
Press
ito enter insert mode so you can type and copy/paste. Use the arrow keys to navigate. Press the Esc key to exit insert mode when you are done modifying the file. Type:wqto save and quit. - Locate this line:
Filename: httpd.conf
#AddHandler cgi-script .cgiRemove the # so that it looks like this:
Filename: httpd.conf
AddHandler cgi-script .cgi - Restart Apache with the following command:
/etc/rc.d/init.d/httpd restart
That's it. You should now be able to execute cgi scripts anywhere on the server.
vhost.conf
You can also modify your vhost.conf file to allow execution of cgi scripts on a per-domain basis. This allows execution of cgi scripts in the httpdocs directory for a particular domain.
- Connect to your server as root or a sudo user via SSH.
- Create or edit your vhost.conf file:
vi /var/www/example.com/conf/vhost.conf/vi tip:
Press
ito enter insert mode so you can type and copy/paste. Use the arrow keys to navigate. Press the Esc key to exit insert mode when you are done modifying the file. Type:wqto save and quit. - Add the following lines to the file and save your changes:
Filename: vhost.conf
<Directory /var/www/vhosts/example.com/httpdocs> <Files ~ (\.cgi$)> SetHandler cgi-script Options ExecCGI allow from all </Files> </Directory>
NOTE:
Replace example.com with your domain name. If this is an additional domain on the same webspace or subscription, replace example.com for the root directory for the additional domain. The default directory for an additional domain in this example is site1, see Figure 1 below.
Figure 1. - Run the following command to reload your Apache configuration files:
/usr/local/psa/admin/sbin/httpdmng --reconfigure-all
See also
For more information about your vhost.conf file in general, and this specific issue, see:
Comments